I am a little confused as using client-based code to implement any security is strictly contra-indicated in any valid security model that I know of.
For instance, what keeps your desktop users from firing up Excel or worse, Management Studio, connecting directly to your database, and bypassing this security scheme?
[font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
Proactive Performance Solutions, Inc. [/font][font="Verdana"] "Performance is our middle name."[/font]